Support

Support for business applications

Kaspersky Embedded Systems Security 3.x

Device Control

Managing Device Control via the Application Console

Configuring Device Control rules

Expanding Device Control rules usage scope

Kaspersky Embedded Systems Security 3.x
Нет результатов
Knowledge Base Online Help
FAQ Download Forum Contact support Recovery tools

Expanding Device Control rules usage scope

October 25, 2023

ID 148411

Save as PDF

Each automatically generated device control rule covers only one external device. You can manually expand a rule usage scope by setting the device instance path mask in properties of any specified device control rule.

Using a device instance path mask reduces the total number of allowing device control rules and simplifies rule processing. But expanding of a rule usage scope can lead to decreasing of external devices control efficiency.

To apply a device instance path mask in a device control rule properties:

  1. Open the Device Control rules window.
  2. In the window that opens, select a rule to use its properties for mask application.
  3. Open the Rule properties window by double clicking on a selected device control rule.
  4. In the window that opens, perform the following operations:
    • Select the Use mask check box next to the Manufacturer (VID) field if you want the selected rule to allow connections for all external devices that fit the specified information about device manufacturer.
    • Select the Use mask check boxes next to the Controller type (PID) field if you want the selected rule to allow connections for all external devices that fit the specified information about controller type.
    • Select the Use mask check box next to the Serial number field if you want the selected rule to allow connections for all external devices that match the specified information about the device serial number.

    If the Use mask check box is selected in at least one of the fields, the data from the fields with the selected check box is replaced with the * character and is not considered when the rule is applied.

  5. Specify a user account or a group of users that have access to the selected USB-devices. The operating system displays all connected USB-devices. You can access only the USB-devices for which you have the respective access rights.
  6. If necessary, specify additional information about the rule in the User or group of users field. For example, specify the devices affected by the rule.
  7. Click the OK button.

The newly configured rule properties will be saved. The rule usage scope will be expanded according to a device instance path mask specified.

Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).
Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.